I’ve been doing a little email hack for the past few years. I can’t imagine I’m the only one that’s thought of this but every time I tell someone about it they think it’s clever and they’ve never thought of doing it, so I thought I would share. For the…

The event-stream package had a major vulnerability. The malicious code was actually found in version 0.1.1 of flatmap-stream, but event-stream was the true source of the issue as it’s a popular package and introduced flatmap-stream in version 3.3.6 as part of the hack. In a number of my projects it…